Derive the Ed25519 auth keypair on the extension via HMAC-SHA256(seedBytes, "freighter-auth-v1"). The hex-encoded pubkey is the user's anonymous backend user ID — separate from any Stellar G keypair, never used for wallet signing.
See Cross-Platform Contact Sync design doc — Auth Flow + Key properties.
Blocks: [Extension] Generate per-request backend JWT in @shared/api.
Acceptance:
- Same seed produces identical auth keypair (and therefore identical user ID) on extension and mobile.
- Auth pubkey is not a valid Stellar G address (cryptographically independent from the wallet keypair).
- No wallet-signing prompt is triggered by derivation or use.
Derive the Ed25519 auth keypair on the extension via
HMAC-SHA256(seedBytes, "freighter-auth-v1"). The hex-encoded pubkey is the user's anonymous backend user ID — separate from any Stellar G keypair, never used for wallet signing.See Cross-Platform Contact Sync design doc — Auth Flow + Key properties.
Blocks: [Extension] Generate per-request backend JWT in
@shared/api.Acceptance: